Engineering Playbook
Kubernetes

Manifests & GitOps

Helm, Kustomize, and ArgoCD.

Manifest Management

Kubernetes speaks YAML. But managing raw YAML for 50 services across 3 environments (Dev, Staging, Prod) is a nightmare.

Templating Engines

Helm (The Package Manager)

Helm uses Go templates ({{ .Values.image }}).

  • Pros: Standard, huge ecosystem of pre-made charts (Redis, Prometheus).
  • Cons: Template logic gets messy. Debugging whitespace in YAML templates is painful.

Kustomize (The Overlayer)

Kustomize uses a "Base" and "Overlay" approach.

  • Base: deployment.yaml (Generic).
  • Prod Overlay: Patch the base to set replicas: 5.
  • Pros: No templating language. Pure YAML. Built into kubectl.

GitOps (ArgoCD / Flux)

Stop running kubectl apply from your laptop.

GitOps uses a Git repository as the "Source of Truth".

  1. Repo: Contains your Helm/Kustomize files.
  2. Controller (ArgoCD): Runs inside the cluster. It watches the Git repo.
  3. Sync: If the Repo differs from the Cluster state, ArgoCD forces the cluster to match the repo.
  • Drift Detection: If someone manually changes a setting in the cluster, ArgoCD alerts that the cluster is "Out of Sync" with Git.

The GitOps Loop

Dev pushes code -> CI builds Docker Image -> CI updates image: tag in Git Repo -> ArgoCD sees change -> ArgoCD deploys to Cluster.
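
The Kustomize base/overlay split and the ArgoCD sync loop described above, shown together as an added example (not from the original playbook). The four file paths, the `web` Deployment, the image, the repo URL and the `web` namespace are assumed placeholders; each `---` section is a separate file in the Git repo.

```yaml
# base/deployment.yaml: generic, shared by every environment
apiVersion: apps/v1
kind: Deployment
metadata: {name: web}
spec:
  replicas: 1
  selector: {matchLabels: {app: web}}
  template:
    metadata: {labels: {app: web}}
    spec:
      containers:
        - {name: web, image: "registry.example.com/web:1.0.0"}  # placeholder image
---
# base/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources: [deployment.yaml]
---
# overlays/prod/kustomization.yaml: patches the base, no templating
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources: [../../base]
patches:
  - patch: |-
      apiVersion: apps/v1
      kind: Deployment
      metadata: {name: web}
      spec: {replicas: 5}
---
# argocd/web-prod.yaml: tells the in-cluster controller which repo path to watch
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata: {name: web-prod, namespace: argocd}
spec:
  project: default
  source:
    repoURL: https://git.example.com/platform/deploy.git  # placeholder repo
    targetRevision: main
    path: overlays/prod            # ArgoCD detects the kustomization.yaml here
  destination:
    server: https://kubernetes.default.svc   # the cluster ArgoCD runs in
    namespace: web                 # assumed to exist already
  syncPolicy:
    automated:
      prune: true      # delete cluster objects whose manifests were removed from Git
      selfHeal: true   # revert manual changes in the cluster back to the Git state
```

`kubectl kustomize overlays/prod` renders the patched Deployment locally for review before it is committed. With `selfHeal` left out, a manual change in the cluster is only reported as "Out of Sync" and is not reverted until the next change in Git triggers a sync.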